Feeds

McAfee slaps Trojan warning on MS Office Live

Friendly fire from update

The Essential Guide to IT Transformation

McAfee has apologised after an anti-virus update released on Monday night incorrectly identified a plug-in for Microsoft Office Live Meeting as a Trojan.

The signature update file mistakingly flagged LMCAPI.exe (a component of Live Update) as a Trojan called Swizzor. As a result the component was incorrectly deleted from thousands of desktops at one huge multinational, staffers from which informed us of the problem but requested anonymity. Techies at the firm had to roll out new versions of Live Update as well as an updated signature file that avoids the false alert.

In a statement, McAfee said the snafu affected only a "small percentage" of its enterprise customers.

The issue was rapidly identified and corrected in the signature release on Tuesday 5th August, with any customer contacting McAfee prior to the release of the corrected signature being given an additional DAT file that suppressed this incorrect identification.

McAfee Avert Labs aims to maintain a high-level of proactiveness and accuracy in its generic detection signatures and to minimise false positives, while making any required corrections as rapidly as possible. McAfee would like to apologise to any customers affected by this issue.

Faulty anti-virus signature updates are a generic problem faced by all security vendors from time to time. Previous examples have included a Kaspersky update quarantining Windows Explorer, AVG crying wolf at Adobe Reader and, more recently, both CA and McAfee decided that legitimate JavaScript apps were malign.

These are three examples of a problem we've written about many times in the past and for which no ready solution is apparent. Effects vary by environment and miss-diagnosed application but can run to anything from the automatic deletion of a component no-one misses to locked-up workstations in the worst cases, which are mercifully rare. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Fiendishly complex password app extension ships for iOS 8
Just slip it in, won't hurt a bit, 1Password makers urge devs
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.